Output of Configuration

Question

Hello, 
&nbsp;  
&nbsp; Is there any way that I can request/intruct my f5 Admins to output all of the configuration data for my applications (pools, monitors, cookie settings, etc.) in some easy way?   
&nbsp;  
&nbsp; I want to compare all of the applications to ensure consistency and check the correctness with regard to changes that have been made over time.  I would also like to be able to compare that non-Prod is setup the same as Prod, etc. 
&nbsp;  
&nbsp; As an SAP Admin, I don't have direct access to the f5, so it is difficult to keep track myself. 
&nbsp;  
&nbsp; Thanks, 
&nbsp;  
&nbsp; Brian

nojan_moshiri_4 · Answer

Are your f5 administrators aware of the "roles" feature that allows administrators such as yourself to access the systems in read-only mode? 
&nbsp; The roles include: 
&nbsp; Administrator - Complete access to all objects and configuration synchronization on redundant system pairs. 
&nbsp;  
&nbsp; Manager - Create, modify and delete virtual servers, pools, pool members, nodes, custom profiles, custom monitors and iRules(tm); view all objects. 
&nbsp;  
&nbsp; Application Editor - Modify nodes, pools, members and monitors; view all objects. 
&nbsp;  
&nbsp; Application Security Policy Editor - Complete control of the Application Security Manager; view all objects (analogous to administrator for BigIP systems with ASM installed). 
&nbsp;  
&nbsp; Operator - Enable and disable nodes and pool members; view all objects. 
&nbsp;  
&nbsp; Guest - View all objects. 
&nbsp;  
&nbsp;  
&nbsp; In the meantime, if your f5 administrator is comfortable with it, they could send you the bigip.conf itself, it's one way to read it (which is only okay if you're comfortable reading command line config and stitching it together) or they could take screen shots and send it to you. 
&nbsp;  
&nbsp; There might be another clever way to provide the same info.. I'll give it more thought or maybe someone else will chime in too.  But as a regular and ongoing basis, I think having an role setup for you is essential. 
&nbsp;  &nbsp;

bls9701_10560 · Answer

Thank you for the response.  I passed it on to the f5 Admin and was told that neither of those options are possible right now.  I'm still open to other suggestions if anyone has any. 
&nbsp;  
&nbsp; Thanks, 
&nbsp;  
&nbsp; Brian

john_clowers_16 · Answer

Brian, 
&nbsp;  
&nbsp; Would you be able to provide us with the version of BIG-IP code your company is using on the LTM's? 
&nbsp;  
&nbsp; Best Regards, 
&nbsp; John Clowers

nojan_moshiri_4 · Answer

If someone doesn't have time to take a simple screenshot to show you your configs, I don't see how any other option could be easier. &nbsp;

cspillane_18296 · Answer

Hello, 
&nbsp;  
&nbsp; if you don't mind comparing text files, (with WinMerge or a similar program this is made easy) you could use a Single Configuration File (SCF) to capture the running config. 
&nbsp;  
&nbsp; use the cli command: 
&nbsp;  
&nbsp; b export  
&nbsp;  
&nbsp; output goes to /var/local/scf by default.  Copy the file off with WinSCP or your prefered method and conpare between units. 
&nbsp;  
&nbsp; This sounds obvious, but it's a good idea to use the hostname and date for the filename to avoid later confusion! 
&nbsp;  
&nbsp; I hope this helps.

Forum Discussion

Output of Configuration

6 Replies

Recent Discussions

Chrome V 124+ on MacOS - Virtual Server Access Issue

F5Access | MacOS Sonoma

Transaction looks successful but file not downloading

Overwriting or adding LTM SSL Traffic cert and key using iControlREST

F5 Access Guard Deprecated: ZTA APM

Related Content

What is the output of crypto::hash

Certificate Expiry Email alert configuration

TMSH iRules stats output to CSV

relocation cpu core on vcmp host the guest configuration back to default configuration

Re: LTM SYN Cookie Configuration